Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2022-50614

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix pciendpointtestcopy,write,read panic The dmamapsingle doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm64: 60.137988 ------------ cut here ------------ 60.142630...

5.7AI score0.00168EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•2 views

CVE-2023-53755

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling ptcmdcallback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the ptissuepending functi...

5.7AI score0.00155EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2023-53754

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and pciresourcestartpdev, PCI64BITBAR4 returns false, drblregsmemmapp is not remapped. This passes a NULL pointer to iounmap, which can trigger a WARN ...

5.9AI score0.00176EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2022-50583

In the Linux kernel, the following vulnerability has been resolved: md/raid0, raid10: Don't set discard sectors for request queue It should use diskstacklimits to get a proper maxdiscardsectors rather than setting a value by stack drivers. And there is a bug. If all member disks are rotational...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•4 views

CVE-2025-40311

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without VMMIXEDMAP,...

5.7AI score0.00156EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•2 views

CVE-2025-40323

In the Linux kernel, the following vulnerability has been resolved: fbcon: Set fbdisplayi-mode to NULL when the mode is released Recently, we discovered the following issue through syzkaller: BUG: KASAN: slab-use-after-free in fbmodeisequal+0x285/0x2f0 Read of size 4 at addr ff11000001b3c69c by...

5.7AI score0.00161EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•2 views

CVE-2025-40312

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

5.7AI score0.00165EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•3 views

CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

5.8AI score0.00165EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•2 views

CVE-2025-40309

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scoconnfree BUG: KASAN: slab-use-after-free in scoconnfree net/bluetooth/sco.c:87 inline BUG: KASAN: slab-use-after-free in krefput include/linux/kref.h:65 inline BUG: KASAN: slab-use-after-free in...

5.9AI score0.00145EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2025-40321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...

5.9AI score0.00168EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2025-40306

In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattrkey uses the pointer variable in the loop condition rather than dereferencing it. As...

5.8AI score0.00182EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•3 views

CVE-2023-53745

In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vectorconfig If the return value of the umlparsevectorifspec function is NULL, we should call kfreeparams to prevent memory leak...

5.9AI score0.00173EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•2 views

CVE-2023-53760

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq-cqlock deadlock issue When ufshcderrhandler is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcdhandlemcqcqevents and also in ufsmtkmcqintr. The following...

5.7AI score0.00145EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2025-40317

In the Linux kernel, the following vulnerability has been resolved: regmap: slimbus: fix buscontext pointer in regmap init calls Commit 4e65bda8273c "ASoC: wcd934x: fix error handling in wcd934xcodecparsedata" revealed the problem in the slimbus regmap. That commit breaks audio playback, for...

5.7AI score0.00165EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•4 views

CVE-2023-53757

In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebugicpprobe ofirqfindparent returns a node pointer with refcount incremented, We should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcount leak...

5.9AI score0.00165EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2025-40298

In the Linux kernel, the following vulnerability has been resolved: gve: Implement settime64 with -EOPNOTSUPP ptpclocksettime assumes every ptpclock has implemented settime64. Stub it with -EOPNOTSUPP to prevent a NULL dereference...

5.7AI score0.00155EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•1 views

CVE-2023-53746

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...

6.1AI score0.00161EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•2 views

CVE-2025-40302

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

5.8AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•3 views

CVE-2023-53761

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check that the direction is...

6.1AI score0.00161EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•5 views

CVE-2023-53758

In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove An early error exit in atmelqspiremove doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped regist...

5.7AI score0.00156EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/08 12:0 a.m.•2 views

CVE-2023-53742

In the Linux kernel, the following vulnerability has been resolved: kcsan: Avoid READONCE in readinstrumentedmemory Haibo Li reported: | Unable to handle kernel paging request at virtual address | ffffff802a0d8d7171 | Mem abort info:o: | ESR = 0x9600002121 | EC = 0x25: DABT current EL, IL = 32...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40277

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

6.4AI score0.00335EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•0 views

CVE-2025-40267

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this...

5.7AI score0.00145EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40288

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices Previously, APU platforms and other scenarios with uninitialized VRAM managers triggered a NULL pointer dereference in ttmresourcemanagerusage. The root cause...

5.7AI score0.00156EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•3 views

CVE-2025-40286

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible memory leak in smb2read Memory leak occurs when ksmbdvfsread fails. Fix this by adding the missing kvfree...

5.7AI score0.00171EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40279

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...

5.9AI score0.00164EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40287

In the Linux kernel, the following vulnerability has been resolved: exfat: fix improper check of dentry.stream.validsize We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service DoS condition. When a dentry in an exFAT filesystem is malformed, the following syst...

5.8AI score0.00169EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•3 views

CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

5.9AI score0.00179EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40274

In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...

5.8AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40278

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

5.8AI score0.00199EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40273

In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4freeolstateid Typically copynotify stateid is freed either when parent's stateid is being close/freed or in nfsd4laundromat if the stateid hasn't been used in a lease period. However, in case...

5.8AI score0.00176EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40275

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...

5.9AI score0.00165EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•2 views

CVE-2025-40268

In the Linux kernel, the following vulnerability has been resolved: cifs: client: fix memory leak in smb3fscontextparseparam The user calls fsconfig twice, but when the program exits, free only frees ctx-source for the second fsconfig, not the first. Regarding fc-source, there is no code in the f...

5.8AI score0.00156EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•4 views

CVE-2025-40281

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

5.9AI score0.00199EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•3 views

CVE-2025-40285

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2sesssetup Reference count of ksmbdsession will leak when session need reconnect. Fix this by adding the missing ksmbdusersessionput...

5.7AI score0.00171EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40280

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of tipcnetnet-monitors in tipcmonreinitself. 0 The array is protected by RTNL, but tipcmonreinitself iterates over it without RTNL. tipcmonreinitself i...

5.9AI score0.00199EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•3 views

CVE-2025-40289

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM Otherwise accessing them can cause a crash...

5.7AI score0.00169EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40269

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential overflow of PCM transfer buffer The PCM stream data in USB-audio driver is transferred over USB URB packet buffers, and each packet size is determined dynamically. The packet sizes are limited by so...

6.4AI score0.00214EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•0 views

CVE-2025-40271

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...

6.2AI score0.00544EPSS
Exploits3References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•2 views

CVE-2025-40276

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Flush shmem writes before mapping buffers CPU-uncached The shmem layer zeroes out the new pages using cached mappings, and if we don't CPU-flush we might leave dirty cachelines behind, leading to potential data leaks...

5.8AI score0.0017EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•9 views

CVE-2025-40284

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: cancel mesh send timer when hdev removed meshsenddone timer is not canceled when hdev is removed, which causes crash if the timer triggers after hdev is gone. Cancel the timer when MGMT removes the hdev, like oth...

5.7AI score0.00171EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40282

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has headerops, so it must set link-local header for RX skb, otherwise things crash, eg. with AFPACKET SOCKRAW Add missing skbresetmacheader...

5.7AI score0.0018EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•1 views

CVE-2025-40283

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: reorder cleanup in btusbdisconnect to avoid UAF There is a KASAN: slab-use-after-free read in btusbdisconnect. Calling "usbdriverreleaseinterface&btusbdriver, data-intf" will free the btusb data associated with...

5.9AI score0.00184EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/06 10:15 p.m.•6 views

CVE-2025-40270

In the Linux kernel, the following vulnerability has been resolved: mm, swap: fix potential UAF issue for VMA readahead Since commit 78524b05f1a3 "mm, swap: avoid redundant swap device pinning", the common helper for allocating and preparing a folio in the swap cache layer no longer tries to get ...

5.7AI score0.00162EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/05 7:15 p.m.•4 views

CVE-2025-66570

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...

10CVSS7.1AI score0.00302EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/12/05 7:15 p.m.•1 views

CVE-2025-66577

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can supply X-Forwarded-For or X-Real-IP headers which...

5.3CVSS5.7AI score0.00236EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/12/05 6:15 p.m.•1 views

CVE-2025-66549

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.7CVSS5.8AI score0.00242EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/05 6:15 p.m.•1 views

CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

8.2CVSS6.9AI score0.00541EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/05 5:16 p.m.•3 views

CVE-2025-14104

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function, affecting SUID Set User ID login-utils utilities writing to the password database...

6.1CVSS6.8AI score0.00176EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/05 5:16 p.m.•3 views

CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

8.9CVSS6.9AI score0.00622EPSS
Exploits0References8
Total number of security vulnerabilities68528